<?php
/*
 *  This file is part of Urd.
 *
 *  Urd is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 3 of the License, or
 *  (at your option) any later version.
 *  Urd is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program. See the file "COPYING". If it does not
 *  exist, see <http://www.gnu.org/licenses/>.
 *
 * $LastChangedDate: 2008-07-15 15:42:06 +0200 (Tue, 15 Jul 2008) $
 * $Rev: 1296 $
 * $Author: gavinspearhead $
 * $Id: checkauth.php 1296 2008-07-15 13:42:06Z gavinspearhead $
 */

define('ORIGINAL_PAGE', $_SERVER['PHP_SELF']);

$pathfp = realpath(dirname(__FILE__));
$pathca = realpath($pathfp. '/../functions/');
session_name('URD_WEB_FORGOTPW'. md5($pathca)); // add the hashed path so we can have more than 1 session to different urds in one browser
@session_start();

require_once "$pathfp/../config.php";


if (isset($config['urdweb_logfile']))
    $config['log_file'] = $config['urdweb_logfile'];
else 
    $config['log_file'] = '/dev/null';

$process_name = 'urd_web'; // needed for message format in syslog and logging 

require_once "$pathfp/../functions/urd_log.php";
require_once "$pathfp/../functions/autoincludes.php";
require_once "$pathfp/../functions/functions.php";
try {
    $db = connect_db();  // initialise the database
} catch (exception $e) {
    echo "Connection to database failed.\n";
    die;
}


$rprefs = load_config($db);
require_once "$pathfp/../functions/exception.php";
require_once "$pathfp/../functions/web_functions.php";
require_once "$pathfp/../functions/mail_functions.php";
require_once "$pathfp/../html/fatal_error.php";
require_once "$pathfp/../functions/urdversion.php";
require_once "$pathfp/../functions/defines.php";
require_once "$pathfp/../functions/smarty.php";

$status = 'show';


if (isset($_POST['username']) && isset($_POST['email'])) {
    verify_challenge($_POST['challenge']);
    $status = 'sent';
    $username = $_POST['username'];
    $email = $_POST['email'];
    $sql = "\"ID\", \"fullname\" FROM users WHERE \"email\" = '$email' AND \"name\" = '$username'";
    $res = $db->select_query($sql,1);
    if ($res !== FALSE) {
        $newpw = generate_password(MIN_PASSWORD_LENGTH);
        $id = $res[0]['ID'];
        $name = $res[0]['fullname'];
        set_password($db, $id, $newpw);

        $sender = $rprefs['admin_email'];
        mail_pw($db, $name, $email, $newpw, $sender);
    }
}


$__message = '';
$challenge = set_challenge();

$smarty->assign('__message', $__message);
$smarty->assign('status', $status);
$smarty->assign('title', 'URD - ' . $LN['forgot_title']);
$smarty->assign('menu', generate_menu($LN));
$smarty->assign('challenge', $challenge);

$smarty->display('forgot_password.tpl');

?>
